Since this repo still using tsup version 6.x.x there is a security issue with rollup. This issue was already resolved but there is a need to update to the latest version of tsup (8.x.x)
From what I saw the only breaking changes are the node versions so it will support version 18+.
Looking at the engines section of this repo it seems anyway it's intended to support only node 18+.
So I don't see a reason why not to update and resolve the security issue.
How to reproduce
You can start using dependabot security alarms in this repo and you'll see it for yourself.
I do not have a link to anything here as it's a security issue.
Describe the bug
Since this repo still using
tsup
version6.x.x
there is a security issue withrollup
. This issue was already resolved but there is a need to update to the latest version oftsup
(8.x.x
)From what I saw the only breaking changes are the node versions so it will support version 18+. Looking at the
engines
section of this repo it seems anyway it's intended to support only node 18+.So I don't see a reason why not to update and resolve the security issue.
How to reproduce
You can start using dependabot security alarms in this repo and you'll see it for yourself. I do not have a link to anything here as it's a security issue.
Link to reproduction
https://google.com
Additional information